BaseInterceptor.java example

Explorer

My-Blog-master
- src
  - main
    - java
      - com
        my
        blog
        website
        CoreApplication.java
        constant
        WebConst.java
        controller
        BaseController.java
        GlobalExceptionHandler.java
        IndexController.java
        admin
        ArticleController.java
        AttachController.java
        AuthController.java
        CategoryController.java
        CommentController.java
        IndexController.java
        LinksController.java
        PageController.java
        SettingController.java
        dao
        AttachVoMapper.java
        CommentVoMapper.java
        ContentVoMapper.java
        LogVoMapper.java
        MetaVoMapper.java
        OptionVoMapper.java
        RelationshipVoMapper.java
        UserVoMapper.java
        dto
        DataSource.java
        ErrorCode.java
        LogActions.java
        MetaDto.java
        Types.java
        exception
        TipException.java
        interceptor
        BaseInterceptor.java
        WebMvcConfig.java
        modal
        Bo
        ArchiveBo.java
        BackResponseBo.java
        CommentBo.java
        RestResponseBo.java
        StatisticsBo.java
        Vo
        AttachVo.java
        AttachVoExample.java
        CommentVo.java
        CommentVoExample.java
        ContentVo.java
        ContentVoExample.java
        LogVo.java
        LogVoExample.java
        MetaVo.java
        MetaVoExample.java
        OptionVo.java
        OptionVoExample.java
        RelationshipVoExample.java
        RelationshipVoKey.java
        UserVo.java
        UserVoExample.java
        service
        IAttachService.java
        ICommentService.java
        IContentService.java
        ILogService.java
        IMetaService.java
        IOptionService.java
        IRelationshipService.java
        ISiteService.java
        IUserService.java
        impl
        AttachServiceImpl.java
        CommentServiceImpl.java
        ContentServiceImpl.java
        LogServiceImpl.java
        MetaServiceImpl.java
        OptionServiceImpl.java
        RelationshipServiceImpl.java
        SiteServiceImpl.java
        UserServiceImpl.java
        utils
        AdminCommons.java
        Commons.java
        DateKit.java
        GsonUtils.java
        IPKit.java
        LogAspect.java
        MapCache.java
        PatternKit.java
        TaleUtils.java
        Tools.java
        UUID.java
        ZipUtils.java
        backup
        Backup.java
        Column.java
        ColumnCollection.java
        FK.java
        FKCollection.java
        Table.java
        TableCollection.java
        db
        Column.java
        ColumnCollection.java
        DataTable.java
        Row.java
  - test
    - java
      - com
        my
        blog
        website
        AsyncTest.java
        Pwdtest.java
        TranscationTest.java
        controller
        IndexControllerTest.java

package com.my.blog.website.interceptor;

import com.my.blog.website.modal.Vo.UserVo;
import com.my.blog.website.service.IUserService;
import com.my.blog.website.utils.*;
import com.my.blog.website.constant.WebConst;
import com.my.blog.website.dto.Types;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 自定义拦截器
 * Created by BlueT on 2017/3/9.
 */
@Component
public class BaseInterceptor implements HandlerInterceptor {
    private static final Logger LOGGE = LoggerFactory.getLogger(BaseInterceptor.class);
    private static final String USER_AGENT = "user-agent";

    @Resource
    private IUserService userService;

    private MapCache cache = MapCache.single();

    @Resource
    private Commons commons;

    @Resource
    private AdminCommons adminCommons;


    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
        String uri = request.getRequestURI();

        LOGGE.info("UserAgent: {}", request.getHeader(USER_AGENT));
        LOGGE.info("用户访问地址: {}, 来路地址: {}", uri, IPKit.getIpAddrByRequest(request));


        //请求拦截处理
        UserVo user = TaleUtils.getLoginUser(request);
        if (null == user) {
            Integer uid = TaleUtils.getCookieUid(request);
            if (null != uid) {
                //这里还是有安全隐患,cookie是可以伪造的
                user = userService.queryUserById(uid);
                request.getSession().setAttribute(WebConst.LOGIN_SESSION_KEY, user);
            }
        }
        if (uri.startsWith("/admin") && !uri.startsWith("/admin/login") && null == user) {
            response.sendRedirect(request.getContextPath() + "/admin/login");
            return false;
        }
        //设置get请求的token
        if (request.getMethod().equals("GET")) {
            String csrf_token = UUID.UU64();
            // 默认存储30分钟
            cache.hset(Types.CSRF_TOKEN.getType(), csrf_token, uri, 30 * 60);
            request.setAttribute("_csrf_token", csrf_token);
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
        httpServletRequest.setAttribute("commons", commons);//一些工具类和公共方法
        httpServletRequest.setAttribute("adminCommons", adminCommons);
    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

    }
}